summaryrefslogtreecommitdiffstats
path: root/dbus/dbus-credentials.c
diff options
context:
space:
mode:
authorColin Walters <walters@verbum.org>2008-06-05 17:24:34 -0400
committerColin Walters <walters@verbum.org>2008-06-05 17:24:34 -0400
commitab1eb1fd5a26affa2383b0eb7e292efd83ec2546 (patch)
tree818f81b0b7ccf132b55bf6c2d1c83bbf587b151c /dbus/dbus-credentials.c
parent81c32a52575ad0e1a831d4bea76f2df7d2b0cd22 (diff)
Bug 15740: Solaris/ADT auditing support (simon zheng)
* bus/driver.c: Add GetAdtAuditSessionData method which returns audit data for a connection. * configure.in: Detect ADT auditing support * dbus/dbus-auth.c: Read ADT auditing creds. * dbus/dbus-connection.c: Implement dbus_connection_get_adt_audit_session_data. * dbus/dbus-connection.h: Export it. * dbus/dbus-credentials.c: Add support for gathering adt_audit_data and retrieving it via _dbus_credentials_get_adt_audit_data. * dbus/dbus-credentials.h: Add DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID. * dbus/dbus-protocol.h: New error DBUS_ERROR_ADT_AUDIT_DATA_UNKNOWN. * dbus/dbus-sysdeps.c: Support for reading audit credentials via ADT API. * dbus/dbus-transport.c: New function _dbus_transport_get_adt_audit_session_data to retrieve credentials. * dbus/dbus-transport.h: Export it.
Diffstat (limited to 'dbus/dbus-credentials.c')
-rw-r--r--dbus/dbus-credentials.c79
1 files changed, 77 insertions, 2 deletions
diff --git a/dbus/dbus-credentials.c b/dbus/dbus-credentials.c
index 790ca06b..f21ecb27 100644
--- a/dbus/dbus-credentials.c
+++ b/dbus/dbus-credentials.c
@@ -50,6 +50,8 @@ struct DBusCredentials {
dbus_uid_t unix_uid;
dbus_pid_t unix_pid;
char *windows_sid;
+ void *adt_audit_data;
+ dbus_int32_t adt_audit_data_size;
};
/** @} */
@@ -77,6 +79,8 @@ _dbus_credentials_new (void)
creds->unix_uid = DBUS_UID_UNSET;
creds->unix_pid = DBUS_PID_UNSET;
creds->windows_sid = NULL;
+ creds->adt_audit_data = NULL;
+ creds->adt_audit_data_size = 0;
return creds;
}
@@ -129,6 +133,7 @@ _dbus_credentials_unref (DBusCredentials *credentials)
if (credentials->refcount == 0)
{
dbus_free (credentials->windows_sid);
+ dbus_free (credentials->adt_audit_data);
dbus_free (credentials);
}
}
@@ -188,6 +193,31 @@ _dbus_credentials_add_windows_sid (DBusCredentials *credentials,
}
/**
+ * Add ADT audit data to the credentials.
+ *
+ * @param credentials the object
+ * @param audit_data the audit data
+ * @param size the length of audit data
+ * @returns #FALSE if no memory
+ */
+dbus_bool_t
+_dbus_credentials_add_adt_audit_data (DBusCredentials *credentials,
+ void *audit_data,
+ dbus_int32_t size)
+{
+ void *copy;
+ copy = _dbus_memdup (audit_data, size);
+ if (copy == NULL)
+ return FALSE;
+
+ dbus_free (credentials->adt_audit_data);
+ credentials->adt_audit_data = copy;
+ credentials->adt_audit_data_size = size;
+
+ return TRUE;
+}
+
+/**
* Checks whether the given credential is present.
*
* @param credentials the object
@@ -206,6 +236,8 @@ _dbus_credentials_include (DBusCredentials *credentials,
return credentials->unix_uid != DBUS_UID_UNSET;
case DBUS_CREDENTIAL_WINDOWS_SID:
return credentials->windows_sid != NULL;
+ case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID:
+ return credentials->adt_audit_data != NULL;
}
_dbus_assert_not_reached ("Unknown credential enum value");
@@ -252,6 +284,32 @@ _dbus_credentials_get_windows_sid (DBusCredentials *credentials)
}
/**
+ * Gets the ADT audit data in the credentials, or #NULL if
+ * the credentials object doesn't contain ADT audit data.
+ *
+ * @param credentials the object
+ * @returns Solaris ADT audit data
+ */
+void *
+_dbus_credentials_get_adt_audit_data (DBusCredentials *credentials)
+{
+ return credentials->adt_audit_data;
+}
+
+/**
+ * Gets the ADT audit data size in the credentials, or 0 if
+ * the credentials object doesn't contain ADT audit data.
+ *
+ * @param credentials the object
+ * @returns Solaris ADT audit data size
+ */
+dbus_int32_t
+_dbus_credentials_get_adt_audit_data_size (DBusCredentials *credentials)
+{
+ return credentials->adt_audit_data_size;
+}
+
+/**
* Checks whether the first credentials object contains
* all the credentials found in the second credentials object.
*
@@ -270,7 +328,11 @@ _dbus_credentials_are_superset (DBusCredentials *credentials,
possible_subset->unix_uid == credentials->unix_uid) &&
(possible_subset->windows_sid == NULL ||
(credentials->windows_sid && strcmp (possible_subset->windows_sid,
- credentials->windows_sid) == 0));
+ credentials->windows_sid) == 0)) &&
+ (possible_subset->adt_audit_data == NULL ||
+ (credentials->adt_audit_data && memcmp (possible_subset->adt_audit_data,
+ credentials->adt_audit_data,
+ credentials->adt_audit_data_size) == 0));
}
/**
@@ -285,7 +347,8 @@ _dbus_credentials_are_empty (DBusCredentials *credentials)
return
credentials->unix_pid == DBUS_PID_UNSET &&
credentials->unix_uid == DBUS_UID_UNSET &&
- credentials->windows_sid == NULL;
+ credentials->windows_sid == NULL &&
+ credentials->adt_audit_data == NULL;
}
/**
@@ -322,6 +385,9 @@ _dbus_credentials_add_credentials (DBusCredentials *credentials,
DBUS_CREDENTIAL_UNIX_USER_ID,
other_credentials) &&
_dbus_credentials_add_credential (credentials,
+ DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
+ other_credentials) &&
+ _dbus_credentials_add_credential (credentials,
DBUS_CREDENTIAL_WINDOWS_SID,
other_credentials);
}
@@ -360,6 +426,12 @@ _dbus_credentials_add_credential (DBusCredentials *credentials,
{
if (!_dbus_credentials_add_windows_sid (credentials, other_credentials->windows_sid))
return FALSE;
+ }
+ else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID &&
+ other_credentials->adt_audit_data != NULL)
+ {
+ if (!_dbus_credentials_add_adt_audit_data (credentials, other_credentials->adt_audit_data, other_credentials->adt_audit_data_size))
+ return FALSE;
}
return TRUE;
@@ -377,6 +449,9 @@ _dbus_credentials_clear (DBusCredentials *credentials)
credentials->unix_uid = DBUS_UID_UNSET;
dbus_free (credentials->windows_sid);
credentials->windows_sid = NULL;
+ dbus_free (credentials->adt_audit_data);
+ credentials->adt_audit_data = NULL;
+ credentials->adt_audit_data_size = 0;
}
/**
generated by cgit (git 2.34.1) at 2024-05-17 01:05:40 +0000